Exercise 1: CERT Overview and RFC1281 and RFC1296.
15 Points, You may take this as many times as you wish before Midnight
Sept 7 (Sept 6, Labor Day)
.
Be prepared to discuss the RFC's next week for a 15 point lab.
Participation Week 1-4: Log on to Angel
and make some postings and join our discussion about computer security. Be
sure to comment on the CERT overview and RFC1281 and RFC2196. 10 Points Participation, Due by
Sept 20
Midnight.
Lab 1:
We will run a packet sniffer and login to our Linux accounts and our Angel
accounts.
Homework 1 and Presentation 1,
Send me a 1-2 page typed report in e-mail before class on how you updated your system. Be sure that you run MS Baseline Security Analyzer on your system. It is a binary that you downoad and run locally. 25 points for the presentation and 15 points for the Report.
Due Sept 13
at the beginning of
class.
Participation Lab Week 1-4: Log on to Angel
and make some postings and join our discussion about computer security. 10 Points Participation, Due by:
Sept 20
at Midnight.
Quiz at the beginning of class next week. 25 points.
Participation Lab Week 1-4: Log on to Angel
and make some postings and join our discussion about computer security. 10 Points Participation, Due by Midnight Sept 20
.
Legal and Ethical Issues
-->
Homework - whois.
Run whois on 10 different IP addresses that you find and write
down who is the manager of the network for the IP address.
10 points, bring your results to class, hand in and
we'll look them up too.
Participation Lab Week 5-8: Log on to Angel
and make some postings and join our discussion about computer security. 10 Points Participation, Due by Midnight Oct 18
.
Finish Student Presentations, hand in 10 IP addresses.
DoS Attacks and Legal and Ethical Issues in Computer Security
Quiz 1
We may not get to DoS attacks today so we are taking that subject
up next week. The DoS attacks Exercise is due as noted below.
Denial of
service is defined as an event that renders the service of the system that is
under DoS attack unusable. It is important to note that you may be suceptable to
a DoS attack even though you have no identifiable vulnerability in your systems.
Legal Ethical and Professional Issues in Computer Security. We
will be covering some of these issues in an interactive class discussion.
-->
Links, Reading and Discussion Topics:
We will be picking up on the spam lecture next week. For this week you
should sign up for a security e-mail newsletter and then come next week
telling what security newsletter you subscribed to and bring in a sheet
detailing one e-mail that you got from the list and do a report on the
vulnerability that you found out about. 25 points typed report and 25 points
presentation on vulnerability. Be sure to include details on how the
vulnerability is accessed, technical details about how the vulnerability
works and what systems are affected. Do not just show up with an e-mail, I
want your interpretation showing that you understand how the vulnerability works
in technical terms.
Sources: CERT e-mail list, SANS e-mail list, Microsoft e-mail lists,
ntbugtraq list and many others. If you do not know what list to subscribe to,
post on the discussion board and others may have ideas.
e-mail sendmail and spam
Continue DOS Lecture and Start on spam
Participation Week 9-12: Log on to Angel
and make some postings and join our discussion about computer security. 10 Points Participation, Due by Midnight
Nov 15
.
Review a Security Website: Log on to Angel
and make some postings and join our discussion about computer security websites. 10 Points under the Labs tab. Due by Midnight
Oct 25
Participation Week 13-16: Log on to Angel
and make some postings and join our discussion about computer security. 10 Points Participation, Due by Midnight Dec 13
Lab Web Page: tunneling clear-text protocols through an encrypted tunnel.
Lab: tunneling clear-text protocols through an encrypted tunnel.
Homework Assignment:
Bring in a 1 page written presentation on some security subject that you have
learned about this Semester. You will make a presentation to the class on the
subject. 10 points for the written report. 15 points for the Presentation. Your
presentation will include a web page that you have written.
Links From Students: From JMotton
Basic PC security article at CERT
From
Kweaver
Denial of Service Attacks at Wikipedia
From
Rmcclary
Limiting Priviliges for users in XP
From
Mwilliams
CIA and other Obversations
Participation Week 13-16: Log on to Angel
and make some postings and join our discussion about computer security. 10 Points Participation, Due by Midnight [an error occurred while processing this directive].
